Blog

The Seven Stages of Cybersecurity Grief

Which stage is your company in?

As far back as 1969, psychologists had identified a series of stages that grief-stricken patients pass through, from Denial to Acceptance, when confronted and forced to deal with an unforeseen tragedy.

The same model can be applied to companies grappling with the onslaught of cybersecurity threats. Have a look, and see if you can identify how far along your organization has come.

Shock – All these news stories about breaches, identity theft, and nation-state hacking leave us feeling overwhelmed. Too much information to process!

Denial – It only happens to huge companies like Target and the Home Depot. Or maybe the government. It won’t happen to us. I mean, who’d want what we have, anyway?

Anger – What’s with all these regulations? PCI is a racket! They just want our money. It’s someone else’s problem.

Bargaining – I suppose we have to do something. Let’s buy that new firewall. That’ll help. Or maybe we should hire a security expert. That’s what we need to protect us.

Depression – So we’ve got no return on investment, no visibility, and no end of spending in sight. Just great.

Testing – All right, this is a business issue, not a technology issue. We really need to think through this problem.

Acceptance – Aha! Security is a risk to be managed, and not a problem to be solved.

There are concrete and specific things you can do to get to your own ‘Aha moment.” Give us a shout, and we’ll help you get there.